Screen Crab 


The Screen Crab by Hak5 


The Screen Crab by Hak5 is a stealthy video man-in-the-middle implant. 


This covert inline screen grabber sits between HDMI devices - like a computer and monitor, or console and 
television - to quietly capture screenshots. Perfect for sysadmins, pentesters and anyone wanting to record 
what's on a screen. 


WiFi enabled to stream screenshots via Hak5 Cloud C2. 
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O The e-book PDF generated by this document may not format correctly on all devices. For the most- 
to-date version, please see https://docs.hak5.org 


Getting Started 


Screen Crab Basics 


Out of the box the Screen Crab will save screenshots at regular intervals to an inserted MicroSD card. 
Follow these steps for the most basic deployment to get started. 


1. Using two HDMI cables (not included) plug the Screen Crab inline between an input (e.g. a computer, 
chromecast, console, etc) and an output (e.g. monitor, television, projector). 


2. Insert a MicroSD card formatted in either FAT32 or ExFAT. 


3. Power the Screen Crab using a USB-C cable (not included) with a power adapter capable of providing 
5 watts (5 Volts, 1 Amp). 


After a brief 30-second boot time, the Screen Crab LED will light blue to indicate that the MicroSD card is 
being written to with screenshots. To stop recording and eject the MicroSD card - press the button, wait for 
the LED to light solid Green, then eject the card. 


WiFi Antenna ~ Ce HOM! Output 


= USB-C Power Port 


_— LED Status Indicator 


MicroSD Slot Button (= HDMI Input 


Configuring the Screen Crab 


By default the Screen Crab will save screenshots to a MicroSD card at regular intervals. With a blank 
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MicroSD inserted, the Screen Crab will write a config.txt file to the root card. 


DEFAULT CONFIGURATION: 


1 LED ON 

2 CAPTURE_MODE IMAGE 
3 CAPTURE_INTERVAL 5 
4 STORAGE FILL 

5) BUIMMON EJECT 


CAPTURE CONFIGURATION: 


1 LED [ON, OFF] 

2 

3 CAPTURE_MODE [IMAGE, VIDEO, OFF] (LED indication: Image=Blue, Video=Yellow, Off=0 
4 

5 DEDUPLICATE [ON, OFF] (Only for IMAGE CAPTURE_MODE) 

6 

7 CAPTURE_INTERVAL [N] (in N seconds) 

8 

9 STORAGE [ROTATE or FILL] 

11 BUTTON [EJECT, OFF] 


13 VIDEO_BITRATE [LOW, MEDIUM, HIGH] 
14 (low 2Mbps, medium 4Mbps, high 16Mbps) 


LED Status Indications 


GREEN 
RED 

CYAN 
MAGENTA 


Booting or SD card safe to eject 
MicroSD card full or not found 
Configuring WiFi per config.txt 
Capture mode override 
BLUE Capturing images 
YELLOW Capturing video 
WHITE No signal 
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STARTUP STATUS 


e LIGHT CYAN (SHORT) 


e Device received power, starting boot 


e BLINKING GREEN 


e Waiting for capture to complete, ejecting SD card 


O Removing the MicroSD card before the LED lights solid green may damage the card. 


e SOLID GREEN 

e (After light cyan) Booting 

e (After button push) SD is safe to eject 
e SOLID RED 


e SD card full or not detected 


CONFIGURATION STATUS 


e SOLID CYAN 
e Wireless config unchanged on device/MicroSD 
e BLINKING CYAN 
e Updating device wireless to match MicroSD config.txt 


e Updating device wireless state to match MicroSD config.txt 


e Changing from wireless disabled -> wireless enabled 
e Changing from wireless enabled -> wireless disabled 


e SOLID MAGENTA 


e Device button listening for capture override 


e INVERSE BLINK MAGENTA 


e Button pushed once during capture override mode at startup - config set to default image capture 


e Button pushed twice during capture override mode at startup - config set to default video capture 


CAPTURE STATUS: 


e SOLID BLUE 


e Has video signal and capturing images to SD card 


e SOLID YELLOW 


e Has video signal and capturing video to SD card 


e SOLID WHITE 
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° Has no video signal 


UPGRADE STATUS: 


e BLUE/RED POLICE PATTERN 


e Screen Crab detected upgrade.bin on MicroSD card at boot - starting device upgrade 


e BLUE/MAGENTA POLICE PATTERN 


e Screen Crab starting framework upgrade 


e FOREVER BLINKING RED - only during device upgrade (following police pattern) 
e Software Upgrade Failed 


/\, Do not unplug power from the device or remove the MicroSD card during the upgrade process as 
doing so may render the device inoperable. 


Configuring Cloud C? 


Cloud C? Configuration 


To get the most out of your Screen Crab, configure your device to connect to your Cloud C2 instance; This 
way you'll be able to to remotely view configure and manage the device - all through the web. 


To configure your Screen Crab to connect to your Cloud C2 instance follow these simple steps: 


1. Download the device.config from Cloud C2 
2. Copy the device.config to the root of the MicroSD card 


3. Configure config.txt onthe MicroSD card for wireless 


For the best performance using your Screen Crab connected to Cloud C2, usea config.txt that only 
contains the wireless options below 


WiFi Configuration 


The two WiFi parameters are: 


e WIFI_SSID —the network name 


e WIFI_PASS -the WPA-PSK password 
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Any characters after these variables will be used as the values. Special considerations must be made for 
WiFi network names and nasswords containina snecial characters or spaces. 
For example: 


1 WIFI_SSID This is my network 
2 WIFI_PASS The P@$$word is 1337!! 


Should be escaped: 


1 WIFI_SSID This\ is\ my\ network 
2 WIFI_PASS The\ P\@\$\$word\ is\ 1337\!\! 


Product Information 


Important Safety Information and Warnings 


Your device may get hot to the touch; this is normal. Unplug the device and let it cool before removing it. 
This device complies with applicable surface temperature standards and limits defined by the International 
Standard for Safety (IEC 60950-1). Still, sustained contact with warm surfaces for long periods of time may 
cause discomfort or injury. Keep the device in a well-ventilated area when in use. Allow for adequate air 
circulation under and around the device. Do not expose the device to water or extreme conditions (moisture, 
heat, cold, dust), as the device may malfunction or cease to work when exposed to such elements. Do not 
attempt to disassemble or repair the device yourself. Doing so voids the limited warranty and could harm 
you or the device. This device is not designed, manufactured or intended for use in hazardous environments 
requiring fail-safe performance in which the failure of the device could lead directly to death, personal injury, 
or severe physical or environmental damage. 


The Screen Crab is a network administration and pentesting tool for authorized auditing and security 
analysis purposes only where permitted subject local and international laws where applicable. Users are 
solely responsible for compliance with all laws of their locality. Hak5 LLC and affiliates claim no 
responsibility for unauthorized or unlawful use. © Hak5 LLC. 


This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) 
this device may not cause harmful interference, and (2) this device must accept any interference received, 
including interference that may cause undesired operation. Warning (Part 15.21) Changes or modifications 
not expressly approved by the party responsible for compliance could void the user’s authority to operate 
the equipment. RF Exposure (OET Bulletin 65) To comply with FCC RF exposure requirements for mobile 
transmitting devices, this transmitter should only be used or installed at locations where there is at least 
20cm separation distance between the antenna and all persons. Information to the User - Part 15.105 (b) 
Note: This equipment has been tested and found to comply with the limits for a Class B digital device, 
pursuant to part 15 of the FCC Rules. These limits are designed to provide reasonable protection against 
harmful interference in a residential installation. This equipment generates, uses and can radiate radio 
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frequency energy and, if not installed and used in accordance with the instructions, may cause harmful 
interference to radio communications. However, there is no guarantee that interference will not occurina 
particular installation. If this equipment does cause harmful interference to radio or television reception, 
which can be determined by turning the equipment off and on, the user is encouraged to try to correct the 
interference by one or more of the following measures: * Reorient or relocate the receiving antenna. * 
Increase the separation between the equipment and receiver. * Connect the equipment into an outlet ona 
circuit different from that to which the receiver is connected. * Consult the dealer or an experienced radio/TV 
technician for help. 


Screen Crab is a trademark of Hak5 LLC. This product is packaged with a limited warranty, the acceptance 
of which is a condition of sale. See Hak5.org for additional warranty details and limitations. Availability and 
performance of certain features, services and applications are device and network dependent and may not 
be available in all areas; additional terms, conditions and/or charges may apply. All features, functionality 
and other product specifications are subject to change without notice or obligation. Hak5 LLC reserves the 
right to make changes to the products description in this document without notice. Hak5 LLC does not 
assume any liability that may occur due to the use or application of the product(s) described herein. Made in 
China. Designed in San Francisco by Hak5 LLC, 548 Market Street, #39371, San Francisco, CA, 94104. 


Specifications 


INTERFACE: HDMI, USB, MICROSD 
STANDARDS: HDMI 1.4/DVI 1.0, 802.11b/g/n 
FREQUENCY RANGE: 2.412 ~ 2.4835 GHz 

SIZE: 105 x 51 x 21 mm 

POWER: 5W (USB 5V 1A) 

OPERATING TEMPERATURE: 35°C ~ 45°C 
STORAGE TEMPERATURE: -20°C ~ 50°C 
RELATIVE HUMIDITY: 0% to 90% (noncondensing) 


Troubleshooting 


WiFi Diagnostics 


Please follow the below guide to generate a WiFi diagnostics file. 


1. Create a file named autoexec.txt on the root of the SD card containing: 


1 source /system/bin/crab && locate_sd && wifi_config > $SD_LOCATION/wifiinfo.txt && ping -c 


2. Insert the MircoSD card into the Screen Crab and apply power. 
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2 After hnntiin and diannnctics the | FN enalare will channe ranidly 


4. Check if the device has connected to the WiFi network. 
5. Press the button and safely eject the MicroSD card. 


6. Check the MicroSD card for troubleshooting assistance in the newly created wifiinfo.txt file. 
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